by johnmoore 3376 days ago
Anyone who uses GoDaddy, add 2FA now, and I mean now.

This is my story

I enabled 2FA, I don't know why. I think I read somewhere how someone got their domains stolen.

Last month, I got a text message out of the blue. I googled the number and it was GoDaddy service.

So this person had got my username and password in GoDaddy and hit the 2FA. GoDaddy uses customer IDs, and the password I use was an old password, but one I didn't use in any other service.

So someone is running through all the customer ID numbers with a password dictionary, because I knew this password was on one of those leaked password dictionaries.

They can do this because the GoDaddy site doesn't lock the account out for 24 hours after 5 wrong tries. The hacker can try different combinations multiple times.

This is a major flaw on their site.
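
Added example, not part of the original comment and not GoDaddy's code: a sketch of the control the comment says is missing (lock an account for 24 hours after 5 wrong attempts), paired with a per-source check that flags one client failing against many customer IDs, since a per-account lockout alone does not catch a dictionary run spread across IDs. The class and function names, the spray threshold and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict

MAX_FAILURES = 5              # wrong attempts before lockout, as in the comment
LOCKOUT_SECONDS = 24 * 3600   # lockout duration, as in the comment
SPRAY_THRESHOLD = 3           # assumption: distinct customer IDs failed from one source


class LoginGuard:
    def __init__(self):
        self.failures = defaultdict(int)              # customer_id -> consecutive failures
        self.locked_until = {}                        # customer_id -> unlock timestamp
        self.failed_ids_by_source = defaultdict(set)  # source -> customer IDs it failed on

    def is_locked(self, customer_id, now):
        return self.locked_until.get(customer_id, 0) > now

    def record(self, customer_id, source, success, now):
        """Process one login attempt; return 'locked', 'ok' or 'failed'."""
        if self.is_locked(customer_id, now):
            return "locked"   # rejected even when the password is correct
        if success:
            self.failures[customer_id] = 0
            return "ok"
        self.failures[customer_id] += 1
        self.failed_ids_by_source[source].add(customer_id)
        if self.failures[customer_id] >= MAX_FAILURES:
            self.locked_until[customer_id] = now + LOCKOUT_SECONDS
            self.failures[customer_id] = 0
        return "failed"

    def spraying_sources(self):
        """Sources that failed against at least SPRAY_THRESHOLD distinct customer IDs."""
        return sorted(s for s, ids in self.failed_ids_by_source.items()
                      if len(ids) >= SPRAY_THRESHOLD)


def replay(events):
    """Feed (customer_id, source, success, timestamp) tuples through a fresh guard."""
    guard = LoginGuard()
    return guard, [guard.record(*e) for e in events]


# Constructed sample events (documentation IP ranges, made-up customer IDs).
SAMPLE = (
    [("1001", "198.51.100.7", False, t) for t in range(5)]      # five wrong guesses
    + [("1001", "198.51.100.7", True, 5),                       # correct guess, account locked
       ("1002", "198.51.100.7", False, 6),                      # same source, next customer ID
       ("1003", "198.51.100.7", False, 7),
       ("1004", "203.0.113.9", True, 8),                        # unrelated legitimate login
       ("1001", "203.0.113.9", True, 4 + LOCKOUT_SECONDS)]      # owner, once the lockout expires
)
```
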